
Commit 565c039

committed
bug fixes
1 parent db855c0 commit 565c039

9 files changed

Lines changed: 294 additions & 143 deletions


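--- a/Leaf/ApiController.php
+++ b/Leaf/ApiController.php
@@ -1,44 +1,19 @@
 <?php
 namespace Leaf;
 
-use \Leaf\Http\Response;
 use \Leaf\Form;
 /**
 * Leaf PHP base controller
 * --------------------------
 * Loads the model and views
 */
-class ApiController {
+class ApiController extends \Leaf\Http\Response {
 public $response;
 public $form;
 public function __construct() {
-$this->response = new Response;
 $this->form = new Form;
 }
 
-/**
-* Submit JSON encoded data to user
-*
-* @param array $data: An array of data to be displayed to the user
-*
-* @return void
-*/
-public function respond($data) {
-$this->response->respond($data);
-}
-
-/**
-* Submit JSON encoded data to user with an http code
-*
-* @param array $data: An array of data to be displayed to the user
-* @param integer $code: An array of data to be displayed to the user
-*
-* @return void
-*/
-public function respondWithCode($data, $code) {
-$this->response->respondWithCode($data, $code);
-}
-
 /**
 * Validate the given request with the given rules.
 *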
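Review bot: `public $response;` is still declared, but the constructor no longer assigns it, so `$this->response` is null on every ApiController instance after this change. Any code in the rest of the class (it continues past this hunk) or in subclasses that still calls `$this->response->...` will fail with a call on null; either drop the property or keep old callers working with `$this->response = $this;` in the constructor. The constructor also never calls `parent::__construct()`, which matters if `\Leaf\Http\Response` defines one; that class is not visible here.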

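--- a/Leaf/Auth.php
+++ b/Leaf/Auth.php
@@ -12,6 +12,8 @@
 * Perform simple authentication tasks.
 */
 class Auth extends Mysqli {
+protected $errorsArray = [];
+
 public function __construct() {
 $this->form = new Form;
 $this->response = new Response;
@@ -40,12 +42,12 @@ public function login(string $table, array $credentials, string $password_encode
 $data = [];
 
 foreach ($credentials as $key => $value) {
-try {
-!$this->select($table, "*", "$key = ?", [$value]);
-} catch (\Throwable $th) {
-$this->response->throwErr(["error" => "$key is not a valid column in the $table table"]);
-exit();
-}
+// try {
+// !$this->select($table, "*", "$key = ?", [$value]);
+// } catch (\Throwable $th) {
+// $this->response->throwErr(["error" => "$key is not a valid column in the $table table"]);
+// exit();
+// }
 
 array_push($keys, $key);
 array_push($data, $value);
@@ -59,8 +61,10 @@ public function login(string $table, array $credentials, string $password_encode
 $data_length = count($data);
 
 if (!empty($this->form->errors())) {
-$this->response->throwErr($this->form->errors());
-exit();
+foreach ($this->form->errors() as $key => $value) {
+$this->errorsArray[$key] = $value;
+}
+return false;
 } else {
 $condition = "";
 
@@ -74,10 +78,19 @@ public function login(string $table, array $credentials, string $password_encode
 $user = $this->select($table, "*", $condition, $data)->fetchObj();
 
 if (!$user) {
-$this->response->throwErr("Incorrect credentials, please check and try again");
-exit();
+$this->errorsArray["auth"] = "Incorrect credentials, please check and try again";
+return false;
 }
+
 $token = $this->token->generateSimpleToken($user->id, "User secret key");
+
+if ($token == false) {
+foreach ($this->token->errors() as $key => $value) {
+$this->errorsArray[$key] = $value;
+}
+return false;
+}
+
 $user->token = $token;
 unset($user->password);
 
@@ -103,12 +116,12 @@ public function register(string $table, array $credentials, array $uniques = nul
 $data = [];
 
 foreach ($credentials as $key => $value) {
-try {
-!$this->select($table, "*", "$key = ?", [$value]);
-} catch (\Throwable $th) {
-$this->response->throwErr(["error" => "$key is not a valid column in the $table table"]);
-exit();
-}
+// try {
+// $this->select($table, "*", "$key = ?", [$value]);
+// } catch (\Throwable $th) {
+// $this->response->throwErr(["error" => "$key is not a valid column in the $table table"]);
+// exit();
+// }
 
 array_push($keys, $key);
 array_push($data, $value);
@@ -135,8 +148,8 @@ public function register(string $table, array $credentials, array $uniques = nul
 }
 
 if (!empty($this->form->errors())) {
-$this->response->throwErr($this->form->errors());
-exit();
+array_push($this->errorsArray, $this->form->errors());
+return false;
 } else {
 $table_names = "";
 $table_values = "";
@@ -153,22 +166,74 @@ public function register(string $table, array $credentials, array $uniques = nul
 }
 }
 
-$this->insert($table, $table_names, $table_values, $data);
+try {
+$this->insert($table, $table_names, $table_values, $data);
+} catch (\Throwable $th) {
+$this->errorsArray["error"] = $th;
+return false;
+}
 }
 }
 
+/**
+* Validate Json Web Token
+*/
+public function validate($token) {
+$payload = $this->token->validate($token);
+
+if ($payload == false) {
+foreach ($this->token->errors() as $key => $value) {
+$this->errorsArray[$key] = $value;
+}
+return false;
+}
+
+return $payload;
+}
+
+/**
+* Validate Bearer Token
+*/
 public function validateToken() {
-try {
-$bearerToken = $this->token->getBearerToken();
-$payload = $this->token->decode($bearerToken, JWT_KEY, ['HS256']);
-return $payload;
-} catch (Exception $e) {
-$this->response->respond([ "auth_error" => "Authentication failed. ".$e ]);;
-exit();
+$payload = $this->token->validateToken();
+
+if ($payload == false) {
+foreach ($this->token->errors() as $key => $value) {
+$this->errorsArray[$key] = $value;
+}
+return false;
 }
+
+return $payload;
 }
 
+/**
+* Get Bearer token
+*/
+public function getBearerToken() {
+$token = $this->token->getBearerToken();
+
+if ($token == false) {
+foreach ($this->token->errors() as $key => $value) {
+$this->errorsArray[$key] = $value;
+}
+return false;
+}
+
+return $token;
+}
+
+/**
+* Return form field
+*/
 public function get($param) {
 return $this->form->get($param);
 }
+
+/**
+* Get all authentication errors as associative array
+*/
+public function errors() {
+return $this->errorsArray;
+}
 }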
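Review bot: The new `catch (\Throwable $th)` around `insert()` in `register()` stores the whole exception object in `$this->errorsArray["error"]`, and `errors()` hands that array straight back to the caller. If a controller prints or string-casts those entries into the API response (no caller is shown here), the client receives database error text, file paths and a stack trace. Store a generic message and log the detail server-side instead, e.g. `$this->errorsArray["error"] = "Registration failed";` together with `error_log((string) $th);`. The same assignment appears in `Authentication::validateToken()` and `Authentication::validate()` as `$this->errorsArray["error"] = $err;`. Separately, `register()` uses `array_push($this->errorsArray, $this->form->errors());`, which nests the form errors under key `0` instead of merging them by field name as `login()` does.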

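--- a/Leaf/Authentication.php
+++ b/Leaf/Authentication.php
@@ -4,6 +4,8 @@
 use \Leaf\Helpers\JWT;
 
 class Authentication extends JWT {
+protected $errorsArray = [];
+
 public function generateSimpleToken($user_id, $secret_phrase) {
 define('SECRET_KEY', $secret_phrase);
 $payload = array(
@@ -23,34 +25,75 @@ public function generateToken($payload, $secret_phrase) {
 }
 
 /**
-* get access token from header
-* */
-public function getBearerToken() {
-$headers = $this->getAuthorizationHeader();
-// HEADER: Get the access token from the header
-if (!empty($headers)) {
-if (preg_match('/Bearer\s(\S+)/', $headers, $matches)) {
-return $matches[1];
-}
-}
-// $this->throwError(ATHORIZATION_HEADER_NOT_FOUND, 'Access Token Not found');
-}
-
+* Get Authorization Headers
+*/
 public function getAuthorizationHeader(){
-$headers = null;
+$headers = null;
+
 if (isset($_SERVER['Authorization'])) {
 $headers = trim($_SERVER["Authorization"]);
-}
-else if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
+} else if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
 $headers = trim($_SERVER["HTTP_AUTHORIZATION"]);
-} elseif (function_exists('apache_request_headers')) {
+} else if (function_exists('apache_request_headers')) {
 $requestHeaders = apache_request_headers();
 // Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization)
-$requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
+$requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
+
 if (isset($requestHeaders['Authorization'])) {
 $headers = trim($requestHeaders['Authorization']);
 }
 }
 return $headers;
-}
+}
+
+/**
+* get access token from header
+* */
+public function getBearerToken() {
+$headers = $this->getAuthorizationHeader();
+
+if (!empty($headers)) {
+if (preg_match('/Bearer\s(\S+)/', $headers, $matches)) {
+return $matches[1];
+}
+$this->errorsArray["token"] = "Access token not found";
+return false;
+}
+
+$this->errorsArray["token"] = "Access token not found";
+return false;
+}
+
+public function validateToken() {
+$bearerToken = $this->token->getBearerToken();
+
+if ($bearerToken == false) {
+return false;
+}
+
+try {
+$payload = $this->token->decode($bearerToken, JWT_KEY, ['HS256']);
+return $payload;
+} catch(\Throwable $err) {
+$this->errorsArray["error"] = $err;
+return false;
+}
+}
+
+public function validate($token) {
+try {
+$payload = $this->token->decode($token, JWT_KEY, ['HS256']);
+return $payload;
+} catch(\Throwable $err) {
+$this->errorsArray["error"] = $err;
+return false;
+}
+}
+
+/**
+* Get all authentication errors as associative array
+*/
+public function errors() {
+return $this->errorsArray;
+}
 }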
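Review bot: The new `validateToken()` and `validate()` call `$this->token->getBearerToken()` and `$this->token->decode(...)`, but this class extends `JWT` and defines `getBearerToken()` itself, and no `$token` property is declared in the visible part of the class (lines 12–24 fall outside the hunks). If none exists, `validateToken()` stops with an Error on its first line, and in `validate()` the `catch(\Throwable $err)` swallows that Error, so every token is rejected and the real cause is hidden behind an "error" entry. These bodies look copied from `Auth`, where `$this->token` is the Authentication object; here they should presumably read `$bearerToken = $this->getBearerToken();` and `$payload = $this->decode($token, JWT_KEY, ['HS256']);`. Catching the JWT helper's own exception types rather than `\Throwable` would stop programming errors like this from being reported as authentication failures.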
